IT security
-
News
25 Oct 2024
Dutch critical infrastructure at risk despite high leadership confidence
Stark paradox in Dutch cyber security landscape has business leaders expressing high confidence in their IT infrastructure as cyber attacks rise Continue Reading
-
News
11 Jul 2024
Dutch research firm TNO pictures the SOC of the future
In only a few years, security operations centres will have a different design and layout, and far fewer will remain Continue Reading
-
News
11 Jul 2022
SMEs lagging on multifactor authentication
Only 46% of small business owners say they have implemented multifactor authentication, and just 13% mandate its use, according to a report Continue Reading
-
Opinion
11 Jul 2022
Cyber insurance: An effective use of your scant security budget?
The ISF’s Paul Watts asks if cyber insurance is a must-have item, an expensive luxury, or the emperor’s new clothes Continue Reading
-
Feature
11 Jul 2022
Cyber insurance: Tips for keeping the right level of cover
Transferring risk to an insurer doesn’t mean you are risk-free – so what is not included in your cyber insurance cover? Continue Reading
-
News
08 Jul 2022
Stop telling clients to pay ransomware gangs, solicitors told
The NCSC and the ICO are calling on solicitors to help tackle the rising number of ransomware payments being made, and to stop giving erroneous advice to victims Continue Reading
-
News
08 Jul 2022
Sweden and GDPR – four years on
Swedish data protection coordinator talks to Computer Weekly four years into the General Data Protection Regulation Continue Reading
-
News
08 Jul 2022
Microsoft appears to reverse VBA macro-blocking
Microsoft quietly reverses VBA macro-blocking across its Office portfolio in a move that has left security experts puzzled Continue Reading
-
Opinion
08 Jul 2022
Lots to consider when buying cyber insurance, so do your homework
When considering implementing a cyber insurance policy, due diligence should be your watchword, says Paddy Francis of Airbus CyberSecurity Continue Reading
-
News
07 Jul 2022
UK government does not yet understand threat of technology to foreign policy
Select committee chair warns government that the threat posed to global security by malign actors influencing tech standards is no ‘dystopian fantasy’ Continue Reading
-
News
07 Jul 2022
MI5, FBI chiefs warn of Chinese cyber espionage threat
In a joint appearance in London, MI5 director general Ken McCallum and FBI director Chris Wray warn of the growing threat posed by the Chinese government to UK and US interests Continue Reading
-
News
07 Jul 2022
UK signs ‘in principle’ data adequacy agreement with South Korea
Bilateral adequacy agreement will allow businesses to conduct cross-border data transfers with minimal restrictions Continue Reading
-
Opinion
07 Jul 2022
The evolution of threat modelling as a DevSecOps practice
Threat modelling is becoming ever more integrated into software architecture design. Here, Stephen de Vries of IriusRisk looks at the evolution of the process Continue Reading
-
News
07 Jul 2022
Amid NSO lawsuit, Apple expands spyware protections
Apple previews a new feature called Lockdown Mode to protect iPhone and iPad users from ‘mercenary spyware’ Continue Reading
-
Opinion
07 Jul 2022
Security Think Tank: Cyber insurance – A nice safety blanket, but don’t count on it
In the second instalment of this month’s Security Think Tank, Mike Gillespie argues that cyber insurance should be thought of like car insurance – you don’t start driving recklessly because you’re covered Continue Reading
-
News
07 Jul 2022
Latest Marriott data breach not as serious as others
Questions are again being raised over Marriott’s cyber security practices following yet another incident, but fortunately it seems limited in its scope, and the company is responding appropriately Continue Reading
-
E-Zine
07 Jul 2022
CW Middle East: UAE citizens embrace new digital technologies
A survey shows that people in the United Arab Emirates believe next-generation technologies such as 3D printing and artificial intelligence will become widespread in the country. Also read how the UAE has improved its security posture amid mounting cyber threats. Continue Reading
-
News
07 Jul 2022
Tech companies face pressure over end-to-end encryption in Online Safety Bill
An amendment to the Online Safety Bill, currently going through Parliament, will put pressure on tech companies over end-to-end encrypted messaging services Continue Reading
-
News
07 Jul 2022
The Security Interviews: Inside Russia’s Ukraine information operation
Computer Weekly speaks to Craig Terron of Recorded Future about delving deep inside the Russian disinformation machine, and how the Kremlin’s strategy is set to evolve Continue Reading
-
Definition
06 Jul 2022
blended threat
A blended threat is an exploit that combines elements of multiple types of malware and usually employs various attack vectors to increase the severity of damage and the speed of contagion. Continue Reading
- 06 Jul 2022
-
News
06 Jul 2022
Plexal seeks new scaleups for next phase of Cyber Runway
Established security startups looking to grow and scale their operations are being invited to join the next phase of Plexal’s Cyber Runway programme Continue Reading
-
News
06 Jul 2022
ESET: Lazarus APT hit aero, defence sector with fake job ads
ESET researchers present new findings into a series of cyber attacks on the aerospace and defence sectors by North Korea’s Lazarus crime syndicate Continue Reading
-
News
05 Jul 2022
Prepare for long-term cyber threat from Ukraine war, says NCSC
The NCSC has published refreshed guidance on cyber preparedness as the war on Ukraine continues, urging organisations to pay attention to the state of their security teams Continue Reading
-
News
05 Jul 2022
LogRhythm bullish on growth in APAC
LogRhythm expects its business in the region to grow by over 20% this year thanks to demand from emerging economies where cyber security investments have not kept pace with cyber threats Continue Reading
-
News
05 Jul 2022
NCSC CEO: Why we should run towards crises to elevate cyber security
National Cyber Security Centre CEO Lindy Cameron, the 2022 Computer Weekly UKtech50 Most Influential Person in UK IT, reflects on a career immersed in crisis management, and how she is using this to elevate cyber security standards across the country Continue Reading
-
05 Jul 2022
How to get the right level of cyber protection
The first part of our buyer’s guide to cyber insurance looks at how the market for cyber insurance is evolving and how IT security leaders can avoid buying the wrong level of cover. Continue Reading
-
E-Zine
05 Jul 2022
How to get the right level of cyber insurance
In this week’s Computer Weekly, we look at how the market for cyber insurance is evolving and how to avoid buying the wrong level of cover. We find out what role hydrogen technologies could play in reducing datacentre carbon emissions. And we hear how a 125-year-old bicycle maker is embracing digital innovation. Read the issue now. Continue Reading
-
News
04 Jul 2022
MPs call for ban on Chinese surveillance camera technology
Nearly 70 MPs have called on the government to ban Chinese camera technology that is widely used by UK government agencies despite links to human rights abuses in China Continue Reading
-
News
04 Jul 2022
Government rejects Lords police tech inquiry recommendations
The government has largely rejected the findings and recommendations of a House of Lords inquiry into police tech, which called for an overhaul of how police deploy artificial intelligence and algorithmic technologies Continue Reading
-
News
04 Jul 2022
Assange appeals against Priti Patel’s extradition order
WikiLeaks founder is expected to raise concerns over the political nature of his prosecution, the likelihood of him receiving a fair trial, and the risk of a coercive plea bargain Continue Reading
-
Feature
04 Jul 2022
Cyber insurance: What does a CISO need to know?
We look at how the market for cyber insurance is evolving and how IT security chiefs can avoid buying the wrong level of cover Continue Reading
-
Feature
01 Jul 2022
Tech sector efforts to root out forced labour are failing
Digitally mapping supply chains to identify forced labour and slavery is no longer a technology problem for the IT sector, but a lack of government enforcement and corporate inaction are major barriers to effective change Continue Reading
-
Opinion
01 Jul 2022
Security Think Tank: Now is the time to think about cyber insurance
Many IT leaders shy away from cyber insurance, but new, innovative developments in the market can help organisations take an approach that suits their needs Continue Reading
-
News
30 Jun 2022
ICO to cut back on fines for public sector data breaches
Information commissioner John Edwards sets out a revised approach to how the ICO handles data breaches in the public sector, saying fining victims risks punishing the public twice over Continue Reading
-
News
29 Jun 2022
Urgent need for new laws to govern biometrics, legal review finds
Independent review says new framework is needed to clear up legal and ethical concerns over the use of biometric data and technologies, which can impact privacy, freedom of expression and other human rights Continue Reading
-
News
29 Jun 2022
New cyber extortion op appears to have hit AMD
Semiconductor specialist AMD has confirmed it is investigating reports that a ‘bad actor’ has stolen hundreds of gigabytes of its data Continue Reading
-
News
29 Jun 2022
Romance scammers exploit Ukraine war in cynical campaign
Romance scammers can make easy money exploiting people looking for love, but in this newly observed campaign linked to the Ukraine war they are playing on deeper emotions Continue Reading
-
Feature
29 Jun 2022
Backup maintenance: Five key points to consider
Effective backups need to ensure all data is protected, and to track media and software changes. We look at five key things to consider Continue Reading
-
News
29 Jun 2022
Spy agencies need ‘independent authorisation’ to access telecoms data, say judges
The High Court has ruled that UK intelligence agencies should seek independent authorisation before accessing phone and internet records during criminal investigations Continue Reading
-
Definition
28 Jun 2022
hardware security
Hardware security is vulnerability protection that comes in the form of a physical device rather than software that's installed on the hardware of a computer system. Continue Reading
-
News
28 Jun 2022
Proposed changes to copyright law open doors for AI data mining
Update to copyright law will mean researchers who already have access to data will not require extra permission from copyright owner to run data mining algorithms, removing barriers to artificial intelligence research and development Continue Reading
-
News
28 Jun 2022
Avast uncovers ‘thieves’ kitchen’ of malware-writing teens
Researchers stumble across online community of 11 to 18-year-olds constructing, exchanging and spreading malware Continue Reading
-
News
28 Jun 2022
Russia-aligned hacktivists behind Lithuania DDoS attack
Killnet hacktivist collective targeted Lithuania with distributed denial of service attacks after its government angered the Kremlin Continue Reading
-
News
28 Jun 2022
Veritas aims at autonomous backup discovery and provisioning
Veritas bets on a backup platform that can discover all enterprise data – on-premise and in the cloud – and make its own decisions about the optimal place to store copies Continue Reading
-
28 Jun 2022
How to retain cyber talent in the Great Resignation
The cyber security industry is experiencing alarming rates of resignations, leaving organisations vulnerable to cyber attacks. How can we better retain cyber talent? Continue Reading
-
E-Zine
28 Jun 2022
Collaboration key to IT sector sustainability
In this week’s Computer Weekly, as sustainability rises up the corporate agenda, IT leaders say more collaboration is needed to meet climate goals. Microsoft faces further calls for greater transparency over software tools used to monitor employees. And the cyber security industry warns over an increasing loss of talent. Read the issue now. Continue Reading
-
News
27 Jun 2022
Commercial cyber products must be used responsibly, says NCSC CEO
NCSC’s Lindy Cameron is to speak out on responsible regulation of cyber capabilities at an event in Tel Aviv, Israel Continue Reading
-
News
27 Jun 2022
Brexit a net negative for UK cyber, say CISOs
Six years on from the UK’s Brexit vote, the majority of security professionals say leaving the EU has raised concerns over their ability to keep their organisations safe Continue Reading
-
News
27 Jun 2022
LockBit ransomware gang launches bug bounty programme
A bug bounty programme is among a number of features LockBit’s developers have added to ‘version 3.0’ of the ransomware Continue Reading
-
Feature
27 Jun 2022
The cyber security impact of Operation Russia by Anonymous
The campaign against the Russian government by Anonymous surprised many with the depth and scale of the cyber attacks. What can we learn from this online war? Continue Reading
-
Feature
27 Jun 2022
Secure everything, not just the weakest link
The rise in cyber attacks on supply chains has expanded the role of IT security chiefs and the complexity of keeping organisations secure Continue Reading
-
Feature
24 Jun 2022
10 metaverse dangers CIOs and IT leaders should address
The metaverse poses many of the same risks and security pitfalls that the internet does. Here's a look at 10 of those issues and how IT leaders should address them. Continue Reading
-
E-Zine
24 Jun 2022
CW APAC: Tech career guide to cyber security
The demands placed on those fighting against hackers are constantly evolving. In this handbook, focused on cyber security in the Asia-Pacific region, Computer Weekly looks at the skills required to make it in the industry, how Singapore’s critical systems remain protected, the short-term options for tech stack management and how organisations can support cyber professionals’ mental health. Continue Reading
-
News
24 Jun 2022
Black Basta ransomware crew aiming for ‘big leagues’
Emergent Black Basta ransomware gang has hit more than 50 countries since bursting onto the scene earlier this year, says Cybereason Continue Reading
-
News
24 Jun 2022
US cyber agency in fresh warning over Log4Shell risk to VMware
Many VMware Horizon and UAG servers remain defenceless against Log4Shell, and organisations continue to fall victim to the vulnerability Continue Reading
-
Opinion
24 Jun 2022
Assessment and knowledge: Your key tools to secure suppliers
There is no silver bullet that will resolve all the issues arising from today’s interconnected businesses and complex supply chains, but there are some key tools at your disposal Continue Reading
-
News
24 Jun 2022
Developers grapple with open source software security
Software developers are taking longer to fix vulnerabilities and many do not know about the dependencies of open source software components they are using, study finds Continue Reading
-
Opinion
23 Jun 2022
Finding the balance between innovation and data security in healthcare
As the government launches its data strategy for health and social care, a fine line must be trodden between innovating through privacy-enhancing technologies, and retaining data security for patients Continue Reading
-
Opinion
23 Jun 2022
What will the Data Reform Bill mean for UK businesses operating in the EU?
Following the government’s response to the Data Reform Bill consultation, Peter Galdies of DQM GRC looks at what might lie ahead for UK organisations working in the European Union Continue Reading
-
News
23 Jun 2022
Ukraine cyber agency enlists Radware to protect government networks
Ukraine’s State Service of Special Communications and Information Protection is using Radware cloud DDoS protection and web application firewall services to protect the government from persistent Russian attacks Continue Reading
-
Feature
23 Jun 2022
What the world can learn from Saudi Arabia’s fight against industrial control system attacks
Iran learned from attacks on its infrastructure and unleashed similar malware on Saudi Arabia. The world has now gained valuable lessons from the Saudi response Continue Reading
-
News
23 Jun 2022
FCA seeks more tech expertise in fight against fraud
UK financial services regulator wants technology professionals to join its team fighting online fraud Continue Reading
-
News
23 Jun 2022
SolarWinds unveils new development model to avoid a repeat of Sunburst
SolarWinds has unveiled a new, secure-by-design software development model to protect itself from a repeat of the infamous 2020 cyber attack on its systems, and serve as a blueprint for the industry Continue Reading
-
Opinion
23 Jun 2022
Germany – let’s stop debating data retention and start finding solutions
Germany has the opportunity to set the democratic precedent for ending the collection and retention of everybody’s call details record and metadata in the EU. It is time find real and effective solutions to crime Continue Reading
-
Opinion
23 Jun 2022
Security Think Tank: Supply chain security demands systematic approach
Supply chain security measures need to be systematic and assessed so as to minimise the complexity and cost to the business Continue Reading
-
News
22 Jun 2022
Uber drivers strike over pay issues and algorithmic transparency
Unionised Uber drivers take industrial action against the company over its failure to pay workers in line with a Supreme Court decision and inflation, as well as the lack of transparency around how it uses their data Continue Reading
-
Opinion
22 Jun 2022
Why the world needs tech standards for UN Sustainable Development Goals
Chaesub Lee from the ITU argues that the world needs technology standards to address the UN’s Sustainable Development Goals Continue Reading
-
News
22 Jun 2022
NatWest files under whistleblower’s bed contain live customer data
Former Royal Bank of Scotland worker wants bank to take back customer files and provide an ‘adequate receipt’ Continue Reading
-
News
22 Jun 2022
How TDCX is building a people-centric business
Every digital tool deployed by the Singapore-based services firm is aimed at augmenting the performance and experience of its employees, says TDCX’s group CIO, Byron Fernandez Continue Reading
-
Opinion
22 Jun 2022
Security Think Tank: Balanced approach can detangle supply chain complexity
Achieving an appropriate balance between people, processes and technology can help to detangle the complexities of the supply chain and create better security practices Continue Reading
-
Opinion
21 Jun 2022
We’re all technologists now – the powerful impact of low-code platforms
Low-code platforms are bringing a shift in how organisations develop and use technology – and it’s the job of the CIO to let it happen in a controlled, secure and connected fashion Continue Reading
-
News
21 Jun 2022
Government won’t regulate on professional cyber standards
The government has elected not to proceed with regulatory intervention to embed standards and pathways across the cyber profession Continue Reading
-
News
21 Jun 2022
CNI leaders’ attitude to ransomware lackadaisical at best
A survey of security decision-makers in sectors regarded as critical national infrastructure reveals a disappointing attitude to ransomware threats Continue Reading
-
News
21 Jun 2022
Microsoft Office 365 has ability to ‘spy’ on workers
Microsoft faces calls for ‘transparency’ over tools in Office 365 that allow employers to read staff emails and monitor their computer use at work Continue Reading
-
Opinion
21 Jun 2022
Supply chain security goes deep – forget this at your peril
It may have hit the headlines as an IT issue, but supply chain security goes far deeper into an organisation than just technology Continue Reading
-
E-Zine
21 Jun 2022
Dreams come true – how data and communication saved a failing company
In this week’s Computer Weekly, the former CEO of bed retailer Dreams explains how digital, data and communication helped turn round a failing company. The UK government has a new digital strategy – but it all seems rather familiar. And we talk to the tech firms trialling a four-day working week. Read the issue now. Continue Reading
-
News
20 Jun 2022
Lords move to protect cyber researchers from prosecution
A cross-party group in the House of Lords has proposed an amendment to the Product Security and Telecommunications Infrastructure Bill that would address concerns about security researchers or ethical hackers being prosecuted in the course of their work Continue Reading
-
News
20 Jun 2022
Complex Russian cyber threat requires we go back to basics
The situation in Russia is anything but simple, but it is the fundamentals of cyber security hygiene that pose the best defence against the country’s digital threat, as Mandiant’s Jamie Collier explains Continue Reading
-
Feature
20 Jun 2022
Challenges of securing a software supply chain
The US president has issued an executive order to improve cyber security, which has ramifications across the software development supply chain Continue Reading
-
News
19 Jun 2022
Aussie mobile users most vulnerable to security threats
Australia has the highest percentage of mobile app threats detected on a per-device basis, with iPhone users more likely to download a risky app than an Android user, study finds Continue Reading
-
Feature
17 Jun 2022
What the EU’s content-filtering rules could mean for UK tech
EU proposals to clamp down on child sexual abuse material will have a material impact on the UK’s technology sector Continue Reading
-
News
17 Jun 2022
Government responds to Data Reform Bill consultation
Westminster claims its new data laws will boost British benefits, protect consumers, and seize the ‘benefits’ of Brexit Continue Reading
-
Opinion
17 Jun 2022
Consider governance, coordination and risk to secure supply chain
A recent ISACA study found myriad factors that give good reason to be concerned about supply chain security. Cyber adviser Brian Fletcher recommends three areas to zero in on Continue Reading
-
News
17 Jun 2022
MoD sets out strategy to develop military AI with private sector
The UK Ministry of Defence has outlined its intention to work closely with the private sector to develop and deploy a range of artificial intelligence-powered technologies, committing to ‘lawful and ethical AI use’ Continue Reading
-
News
16 Jun 2022
TalkTalk hacker Daniel Kelley gives up his black hat for good
After serving a four-year prison sentence for his role in the 2015 TalkTalk hack and other cyber offences, Daniel Kelley now wants to pursue a legitimate cyber security career Continue Reading
-
Opinion
16 Jun 2022
Privacy-enhancing technologies – myths and misconceptions
As the UK and US prepare to open a joint privacy-enhancing technology (PET) prize challenge, expert Ellison Anne Williams busts some myths and misconceptions around this emerging area Continue Reading
-
News
16 Jun 2022
Dundee security research centre opens with support from SBRC
An £18m hub at Abertay University in Dundee forms the centrepiece of Scotland’s first security research cluster Continue Reading
-
News
16 Jun 2022
Office 365 loophole may give ransomware an easy shot at your files
Researchers at Proofpoint have discovered potentially dangerous Microsoft Office 365 functionality that they believe may give ransomware a clear shot at files stored on SharePoint and OneDrive Continue Reading
-
Opinion
16 Jun 2022
Security Think Tank: Best practices for boosting supply chain security
In a highly connected world, managing the supply chain landscape requires an adaptation of the ‘traditional’ approach to managing cyber risk Continue Reading
-
News
16 Jun 2022
Interpol arrests thousands in global cyber fraud crackdown
A two-month operation saw law enforcement agencies in 76 countries crack down on organised cyber fraud Continue Reading
-
Opinion
15 Jun 2022
Is digital ID still the missing link for the UK’s digital economy?
While progress has been made, the government’s proposed digital ID trust framework needs more work – and the tech industry wants to have more input Continue Reading
-
News
15 Jun 2022
$2k to access your organisation on the dark web
Dark web brokers will sell access to company networks and systems for an average of $2,000 to $4,000 Continue Reading
-
Definition
15 Jun 2022
directory traversal
Directory traversal is a type of HTTP exploit in which a hacker uses the software on a web server to access data in a directory other than the server's root directory. Continue Reading
-
News
15 Jun 2022
Patch Tuesday dogged by concerns over Microsoft vulnerability response
The last Patch Tuesday in its current form is overshadowed by persistent concerns about how Microsoft deals with vulnerability disclosure Continue Reading
-
Opinion
15 Jun 2022
Security Think Tank: Basic steps to secure your supply chain
When it comes to supply chain security, there are some core things you should be doing – but remember, the devil is in the detail Continue Reading
-
News
14 Jun 2022
MS Azure Synapse vulnerability fixed after six-month slog
Microsoft patched a critical Azure Synapse vulnerability twice, but each time the researcher who discovered it was able to bypass it with ease, leading to a lengthy saga Continue Reading
-
E-Zine
14 Jun 2022
Managing Apple Macs in the enterprise
In this week’s Computer Weekly, with more people working remotely, the use of Apple Macs in the enterprise is growing – we look at how to manage them securely. Our latest buyer’s guide examines security in the supply chain. And 10 years on from the London Olympics, we find out how data innovation is revitalising its legacy. Read the issue now. Continue Reading
-
News
13 Jun 2022
UK, US prepare to launch PET project
A transatlantic prize challenge to accelerate development of privacy-enhancing technologies is set to begin Continue Reading
-
News
13 Jun 2022
Government recommits to UK’s cyber future in Digital Strategy
New strategy leans heavily on cyber security but stops short of announcing any initiatives that have not already been launched or heavily trailed Continue Reading
-
News
13 Jun 2022
New UK digital strategy aims to secure future growth for £150bn digital economy
Government publishes plan that brings together existing and new initiatives intended to expand the digital sector and help to establish the UK as a ‘superpower’ in science and tech Continue Reading
-
News
13 Jun 2022
New warning over tech suppliers in thrall to hostile governments
Ukraine war could lead to shakeup of dual-use tech exports, says former UK intelligence officer Continue Reading
